Try our new research platform with insights from 80,000+ expert users

AWS Firewall Manager vs FortiGate Cloud-Native Firewall (FortiGate CNF) comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Nov 4, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

AWS Firewall Manager
Ranking in Firewall Security Management
9th
Average Rating
7.8
Reviews Sentiment
6.6
Number of Reviews
9
Ranking in other categories
No ranking in other categories
FortiGate Cloud-Native Fire...
Ranking in Firewall Security Management
6th
Average Rating
8.4
Reviews Sentiment
7.7
Number of Reviews
16
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of October 2025, in the Firewall Security Management category, the mindshare of AWS Firewall Manager is 3.7%, down from 5.7% compared to the previous year. The mindshare of FortiGate Cloud-Native Firewall (FortiGate CNF) is 1.7%, up from 1.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewall Security Management Market Share Distribution
ProductMarket Share (%)
FortiGate Cloud-Native Firewall (FortiGate CNF)1.7%
AWS Firewall Manager3.7%
Other94.6%
Firewall Security Management
 

Featured Reviews

Karthik Ekambaram - PeerSpot reviewer
Has centralized rule management and improved protection against suspicious traffic but needs better threat intelligence integration and automated policy enforcement
I have not compared AWS WAF with any other WAF solution yet, but whatever WAF you choose, there will always be challenges, and it cannot block all malicious traffic. For AWS WAF, we have seen cases where it allowed suspicious HTTPS headers even if they carried malicious payloads. However, the malicious payloads are not straightforward, and there are assembly scripts that come with the HTTP headers that sometimes AWS WAF misses. In the last four or five years, we have seen a case where WAF was unable to capture a threat. On the other hand, we also see alerts from WAF indicating that it has figured out many DDoS protection alerts and was able to block them, even with rate limiting. Rule-based WAF works perfectly fine, but I don't think any threat intelligence-based WAF solutions can be 100% accurate. The integration with AWS Organizations and enforcement of security policies, particularly SCP, is difficult to deploy in most of my companies due to client environments. When I say difficult, it depends on the client's organization processes, not AWS itself. The SCP feature is excellent in my view and is the best way to reduce the attack surface for organizations structured in a specific manner. While we have used it internally, limited features of SCPs can be utilized by customers. Regarding automating security policy deployment, we have utilized automated security policy features, but it is difficult in some instances. We have identified what has been identified, but enabling automated SCP policies can be restrictive, which is actually good but makes it hard to implement for all organizations. Automating security policy features could understand the customer's environment better. An AI- or ML-enabled automated SCP could be a better option since it can understand the actions of administrators or developers in the customer's organization within the AWS platform, providing more in-depth automated assessments and SCP features. I rate this solution 8 out of 10.
MuhammadJahangir - PeerSpot reviewer
Provided us with a good experience, making it the best firewall for our needs
We are using two Fortinet firewalls. One is as an office firewall for all users behind it, configured with remote VPN for users working from home. The other firewall is for production use, with our applications behind it, ensuring PCI DSS compliance. It is deployed in AWS Cloud FortiGate has…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Also, the strength of the community is invaluable."
"Once this solution is set up, we hardly have to touch it."
"It has centralized cloud firewall management rules. It provides compliance in tracking and reporting."
"AWS Firewall Manager isn't a separate solution when you create the virtual private cloud (VPC), so you can control the traffic through that security group."
"The most valuable feature is the centrally managed rule. I also like the central orchestration."
"We work with compliance monitoring in the product, which is helpful for identifying framework-based misconfigurations, as it can tell you where to deploy firewall policies based on the frameworks."
"The interface is intuitive and it is easy for the users."
"The product is highly reliable."
"FortiGate's offering of many features in one license is cost-effective."
"Support is excellent. There is local support through the distributor, which is efficient and provides a friendly relationship."
"The solution can scale well."
"Threat detection and prevention features are the most effective aspects of FortiGate CNF."
"I have configured some SD-WAN features, and it's worked pretty well. It manages pretty well, connecting all links to the firewall. It can lower balance and traffic management."
"FortiGate Cloud-Native Firewall (FortiGate CNF) is highly valued for its pricing, which is considered very affordable."
"The focus is on the comprehensive coverage of threats and the reliability of the chosen solution. Ease of use and familiarity are crucial."
"FortiGate Cloud-Native Firewall provides the same features that higher-end models offer, but at a much lower cost."
 

Cons

"Enabling and configuring the logging is not that straightforward."
"The system should be more customizable."
"They could consider organizing and enhancing documentation in a more structured and chronological manner"
"For AWS WAF, we have seen cases where it allowed suspicious HTTPS headers even if they carried malicious payloads."
"I would like to see AWS add some UTM features to the firewall. It would also be great if AWS Firewall had native IPS/IDS. They have the separate IPS/IDS, GuardDuty."
"It needs to be more employee-friendly, and the security management could be more efficient."
"The product could benefit from improvements in the user interface and integration capabilities."
"This solution is suitable for a small-scale enterprise and may not scale up to a very high volume of traffic or a large number of servers."
"The solution is not stable in terms of switching."
"Unfortunately, FortiGate Cloud-Native Firewall (FortiGate CNF) is not very scalable. For businesses that grow or develop further, only about ten percent can handle the increase."
"There is room for improvement in terms of support."
"There could be more detailed descriptions regarding version upgrades, particularly in terms of the upgrade process."
"The prices for FortiGate are way too high and are perceived as overpriced."
"The deployment process is complex."
"They should offer more affordable renewal options or flexible plans for license upgrades."
"The customization of FortiGate Cloud-Native Firewall (FortiGate CNF) could be improved, particularly in terms of configurations to better adjust to specific needs."
 

Pricing and Cost Advice

"It is a cost-efficient product."
"The AWS Firewall Manager is a little on the costly side."
"From what I've heard from my colleagues, it appears that the pricing is competitive, which influenced our decision to choose this option."
"The licensing is on a pay-as-you-go basis and we are billed monthly."
"It is an expensive platform."
"The pricing is competitive."
"FortiGate's price is really good."
"FortiGate Cloud-Native Firewall is not an expensive solution."
"The tool's licensing costs are cheap and yearly."
report
Use our free recommendation engine to learn which Firewall Security Management solutions are best for your needs.
869,095 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
10%
Financial Services Firm
10%
Comms Service Provider
7%
Manufacturing Company
7%
Manufacturing Company
15%
Financial Services Firm
11%
Energy/Utilities Company
7%
Computer Software Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business5
Large Enterprise6
By reviewers
Company SizeCount
Small Business11
Midsize Enterprise2
Large Enterprise3
 

Questions from the Community

What do you like most about AWS Firewall Manager?
It has centralized cloud firewall management rules. It provides compliance in tracking and reporting.
What is your experience regarding pricing and costs for AWS Firewall Manager?
On a scale of one to ten, I would rate the pricing for AWS Firewall Manager as seven, where one is cheap and ten is expensive.
What needs improvement with AWS Firewall Manager?
AWS Firewall Manager should be open to manage other third-party appliances as well.
What is your experience regarding pricing and costs for FortiGate Cloud-Native Firewall (FortiGate CNF)?
The pricing is a bit expensive, primarily due to licensing fees. Extra expenses include upgradations beyond licensing.
What needs improvement with FortiGate Cloud-Native Firewall (FortiGate CNF)?
The customization of FortiGate Cloud-Native Firewall (FortiGate CNF) could be improved, particularly in terms of configurations to better adjust to specific needs.
 

Interactive Demo

 

Overview

 

Sample Customers

Expedia, Intuit, Royal Dutch Shell, Brooks Brothers
Information Not Available
Find out what your peers are saying about AWS Firewall Manager vs. FortiGate Cloud-Native Firewall (FortiGate CNF) and other solutions. Updated: September 2025.
869,095 professionals have used our research since 2012.